Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gKqGtq5qjB8WPpqsE0YTXZ-DYm8.roa
File: gKqGtq5qjB8WPpqsE0YTXZ-DYm8.roa (raw, json)
Hash identifier: 2Zvt3F3vWuO806YurRyvYY4p9GAdmEVpVT/PyNZ1blg=
Subject key identifier: 80:AA:86:B6:AE:6A:8C:1F:16:3E:9A:AC:13:46:13:5D:9F:83:62:6F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01827B046AB46E4533E4FBDB7ADB2A313197
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gKqGtq5qjB8WPpqsE0YTXZ-DYm8.roa
Signing time: Mon 08 Aug 2022 01:14:23 +0000
ROA not before: Mon 08 Aug 2022 01:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7b:04:6a:b4:6e:45:33:e4:fb:db:7a:db:2a:31:31:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 01:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80aa86b6ae6a8c1f163e9aac1346135d9f83626f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:16:e5:ea:e8:e2:21:a5:86:47:38:e9:48:7c:
7b:53:21:95:16:7a:a5:12:51:11:41:e6:0e:12:31:
fb:02:22:b6:ce:f2:14:c7:3c:82:96:84:f2:21:46:
fc:cb:00:e2:37:11:87:18:30:bb:35:57:e3:8a:40:
4b:da:b3:a9:d3:9d:d7:be:6f:f0:fe:44:14:36:7a:
8e:a2:04:1b:4e:9b:94:da:aa:69:19:d6:90:bd:88:
a9:36:00:d7:a3:8e:59:3a:58:67:d6:d7:bf:ef:85:
0e:cf:ec:07:8d:43:a7:c3:fa:f1:ea:c0:7f:f1:ba:
b9:d8:7c:62:62:dd:97:f4:7c:08:2c:39:94:9e:81:
6f:13:c4:76:c2:17:03:fc:30:d2:91:da:e5:d5:b5:
8f:03:dd:70:33:e9:c5:ca:34:06:35:94:64:35:bd:
54:04:26:9f:7a:a4:06:79:66:c7:c3:7f:37:57:7e:
51:65:2f:1b:b4:54:29:80:7b:54:b6:ad:b4:18:ae:
d0:cc:e7:18:67:db:f7:29:9a:6f:2e:82:0a:a9:76:
b2:6c:6f:78:41:39:58:96:89:85:d6:a8:22:9f:5a:
e7:a5:48:13:3f:8c:89:1d:fb:01:ef:98:56:b3:6d:
70:da:9d:64:b1:49:90:73:69:f4:bc:36:19:8a:68:
31:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AA:86:B6:AE:6A:8C:1F:16:3E:9A:AC:13:46:13:5D:9F:83:62:6F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gKqGtq5qjB8WPpqsE0YTXZ-DYm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:1b:49:ba:3a:e1:f9:4c:3d:7f:22:84:45:67:5b:86:ab:c0:
1f:1d:ed:bc:cc:4c:1b:24:94:17:f1:26:f2:cb:a3:50:d3:df:
fe:d3:6f:da:a4:7d:17:1b:e3:48:8d:71:b6:df:f2:bb:04:d8:
ae:22:9c:7d:27:b4:a1:0f:2b:80:2d:85:f9:52:4c:55:81:a3:
fe:38:ca:00:53:a2:6b:96:4e:aa:80:a4:69:16:1b:d9:cc:1e:
90:b7:0a:35:d6:62:f8:ed:7f:90:ca:aa:8b:6f:e6:23:56:2f:
36:be:c7:09:f6:16:13:0a:43:7d:03:55:9d:11:8d:27:e6:da:
89:01:00:56:9a:50:68:1b:51:d0:97:1f:06:d3:dd:d4:99:84:
91:40:84:2b:bb:f0:19:14:36:e1:55:80:43:e5:eb:da:64:88:
b9:4b:bb:ee:c4:a9:8c:f6:ed:67:4c:03:f2:6c:39:3f:4d:a2:
04:a7:b8:51:9e:34:7f:4a:e0:84:94:08:3d:10:e9:d1:11:7c:
a5:a8:71:98:c8:1a:ce:9d:b6:92:3c:52:3b:fd:e6:3f:6f:93:
1f:fe:31:23:c2:f7:fc:48:c4:f3:2e:f7:2e:b6:7a:7a:1e:01:
25:46:96:a1:d9:c7:90:64:de:00:fc:12:93:b7:90:f2:f4:cb:
5e:75:e1:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJ7BGq0bkUz5PvbetsqMTGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODA4MDExNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGFhODZiNmFlNmE4YzFmMTYzZTlhYWMxMzQ2MTM1ZDlmODM2MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxbl6ujiIaWGRzjpSHx7UyGVFnql
ElERQeYOEjH7AiK2zvIUxzyCloTyIUb8ywDiNxGHGDC7NVfjikBL2rOp053Xvm/w
/kQUNnqOogQbTpuU2qppGdaQvYipNgDXo45ZOlhn1te/74UOz+wHjUOnw/rx6sB/
8bq52HxiYt2X9HwILDmUnoFvE8R2whcD/DDSkdrl1bWPA91wM+nFyjQGNZRkNb1U
BCafeqQGeWbHw383V35RZS8btFQpgHtUtq20GK7QzOcYZ9v3KZpvLoIKqXaybG94
QTlYlomF1qgin1rnpUgTP4yJHfsB75hWs21w2p1ksUmQc2n0vDYZimgxrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFICqhrauaowfFj6arBNGE12fg2JvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ0txR3RxNXFqQjhXUHBxc0UwWVRYWi1EWW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD4bSbo64flMPX8ihEVn
W4arwB8d7bzMTBsklBfxJvLLo1DT3/7Tb9qkfRcb40iNcbbf8rsE2K4inH0ntKEP
K4AthflSTFWBo/44ygBTomuWTqqApGkWG9nMHpC3CjXWYvjtf5DKqotv5iNWLza+
xwn2FhMKQ30DVZ0RjSfm2okBAFaaUGgbUdCXHwbT3dSZhJFAhCu78BkUNuFVgEPl
69pkiLlLu+7EqYz27WdMA/JsOT9NogSnuFGeNH9K4ISUCD0Q6dERfKWocZjIGs6d
tpI8Ujv95j9vkx/+MSPC9/xIxPMu9y62enoeASVGlqHZx5Bk3gD8EpO3kPL0y151
4eI=
-----END CERTIFICATE-----
Generated at Fri Jun 13 22:44:48 2025 by rpki-client